lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 20 Aug 2016 11:32:55 +0200 From: walter harms <wharms@....de> To: unlisted-recipients:; (no To-header on input) CC: linux-rdma@...r.kernel.org, netdev@...r.kernel.org, Leon Romanovsky <leonro@...lanox.com>, Matan Barak <matanb@...lanox.com>, LKML <linux-kernel@...r.kernel.org>, kernel-janitors@...r.kernel.org, Julia Lawall <julia.lawall@...6.fr> Subject: Re: [PATCH] mlx5/core: Use memdup_user() rather than duplicating its implementation Am 20.08.2016 08:01, schrieb SF Markus Elfring: > From: Markus Elfring <elfring@...rs.sourceforge.net> > Date: Sat, 20 Aug 2016 07:50:09 +0200 > > * Reuse existing functionality from memdup_user() instead of keeping > duplicate source code. > > This issue was detected by using the Coccinelle software. > > * Return directly if this copy operation failed. > > Signed-off-by: Markus Elfring <elfring@...rs.sourceforge.net> > --- > drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 17 +++-------------- > 1 file changed, 3 insertions(+), 14 deletions(-) > > diff --git a/drivers/net/ethernet/mellanox/mlx5/core/cmd.c b/drivers/net/ethernet/mellanox/mlx5/core/cmd.c > index 6388bc0..bb89f04 100644 > --- a/drivers/net/ethernet/mellanox/mlx5/core/cmd.c > +++ b/drivers/net/ethernet/mellanox/mlx5/core/cmd.c > @@ -1132,7 +1132,6 @@ static ssize_t data_write(struct file *filp, const char __user *buf, > struct mlx5_core_dev *dev = filp->private_data; > struct mlx5_cmd_debug *dbg = &dev->cmd.dbg; > void *ptr; > - int err; > > if (*pos != 0) > return -EINVAL; > @@ -1140,25 +1139,15 @@ static ssize_t data_write(struct file *filp, const char __user *buf, > kfree(dbg->in_msg); > dbg->in_msg = NULL; > dbg->inlen = 0; > - > - ptr = kzalloc(count, GFP_KERNEL); > - if (!ptr) > - return -ENOMEM; > - > - if (copy_from_user(ptr, buf, count)) { > - err = -EFAULT; > - goto out; > - } > + ptr = memdup_user(buf, count); > + if (IS_ERR(ptr)) > + return PTR_ERR(ptr); > dbg->in_msg = ptr; > dbg->inlen = count; > > *pos = count; > maybe i am missing something here but why do you need ptr ? The use of count looks even more confusing it is stored in dbg->inlen, *pos and is returned. is that realy needed ? re, wh > return count; > - > -out: > - kfree(ptr); > - return err; > } > > static ssize_t data_read(struct file *filp, char __user *buf, size_t count,
Powered by blists - more mailing lists